Bug 445282

Summary: Kernel crashes with ipsec connection over ppp
Product: [Fedora] Fedora Reporter: Magnus Vesterlund <magnus_vesterlund>
Component: kernelAssignee: Herbert Xu <herbert.xu>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: 9CC: kernel-maint
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-14 00:56:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Sample panic messages. none

Description Magnus Vesterlund 2008-05-05 21:42:00 UTC 
Kernel crashes with ipsec connection over ppp

Description of problem:

I get kernel crashes when I set up an ipsec connection over ppp on a Huawei E220
HSDPA USB modem in the Fedora 9 beta. If I try to copy a large file over the
ipsec connection the machine hangs completely within a few seconds with the caps
lock and scroll lock lights blinking. I have an ipsec.conf file that looks like
this, somewhat censored:


version	2.0

config setup
	protostack=netkey
	nat_traversal=yes

conn xxx
        left=xxx.xxx.xxx.xxx
        leftid=@xxx
        right=xxx.xxx.xxx.xxx
        rightsubnet=xxx.xxx.xxx.xxx/24
        rightid=@xxx
        auto=start
        aggrmode=yes
        authby=secret
        pfs=no
        ike=3des-sha1-modp1024


include /etc/ipsec.d/*.conf


If I set up an identical ipsec connection on an ethernet interface instead it
works without problems, and non-ipsec traffic on the ppp connection doesn't
cause any problems.

I have seen a few different kernel panic messages, attaching a file with three
samples.


Version-Release number of selected component (if applicable):
kernel-2.6.25-14.fc9.x86_64

How reproducible:
Crashes within a few seconds every time.

Steps to Reproduce:
1. Set up ipsec connection over ppp connection over HSDPA USB modem.
2. Copy a large file over the connection using scp.

Actual results:
Kernel crash.

Expected results:
No kernel crash.
Comment 1 Magnus Vesterlund 2008-05-05 21:42:00 UTC 
Created attachment 304566 [details]
Sample panic messages.
Comment 2 Bug Zapper 2008-05-14 10:41:15 UTC 
Changing version to '9' as part of upcoming Fedora 9 GA.
More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 3 Chuck Ebbert 2008-05-17 05:48:10 UTC 
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c:ipv4_conntrack_help(), line 131

        return helper->help(skb, skb_network_offset(skb) + ip_hdrlen(skb),
                            ct, ctinfo);

helper contains a bad address: 0xffff810000000100
Comment 4 Herbert Xu 2009-01-08 06:44:18 UTC 
Is this still reproducible with the latest kernel? Thanks!
Comment 5 Magnus Vesterlund 2009-01-13 16:35:16 UTC 
Seems to be fixed. I can't reproduce with neither kernel-2.6.27.9-73.fc9.x86_64 nor kernel-2.6.27.9-159.fc10.x86_64.